An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of access control is unfounded and inappropriate for many commercial and civilian government organizations. The paper describes a type of non-discretionary access control: role-based access control (RBAC) that is more central to the secure processing needs of non-military systems than DAC.
Ferraiolo, D.
and Kuhn, D.
(1992),
Role-Based Access Controls, 15th National Computer Security Conference, Baltimore, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=916401
(Accessed June 1, 2023)